3 tips to find hacking on your site, and ways to prevent and fix it
Stay organized with collectionsSave and categorize content based on your preferences.
Friday, February 28, 2014
Google shows this message in search results forsites that we believe may have been compromised.
You might not think your site is a target for hackers, but it's surprisingly common. Hackers
target large numbers of sites all over the web in order to exploit the sites' users or reputation.
One common way hackers take advantage of vulnerable sites is by adding spammy pages. These spammy
pages are then used for various purposes, such as redirecting users to undesired or harmful
destinations. For example, we've recently seen an increase in hacked sites redirecting users to
fake online shopping sites.
Once you recognize that your website may have been hacked, it's important to diagnose and fix the
problem as soon as possible. We want webmasters to keep their sites secure in order to protect
users from spammy or harmful content.
3 tips to help you find hacked content on your site
Check your site for suspicious URLs or directories: Keep an eye out for any suspicious activity on your site by performing asite:searchof your site in Google, such assite:example.com. Are there any suspicious URLs
or directories that you do not recognize?
You can also set up aGoogle Alertfor your site. For example, if you set a Google Alert forsite:example.com (viagra|cialis|casino|payday loans), you'll receive an email
when these keywords are detected on your site.
Look for unnatural queries on the Search Queries page in Webmaster Tools: TheSearch Queriespage shows Google Web Search queries that have returned URLs from your site. Look for
unexpected queries as it can be an indication of hacked content on your site.
Don't be quick to dismiss queries in different languages. This may be the result of spammy
pages in other languages placed on your website.
Enable email forwarding in Webmaster Tools Google will send you a message if we detect that your site may be compromised. Messages appear
in Webmaster Tools' Message Center but it's a best practice to alsoforward these messages to your email.
Keep in mind that Google won't be able to detect all kinds of hacked content, but we hope our
notifications will help you catch things you may have missed.
Tips to fix and prevent hacking
Stay informed: TheSecurity Issuessection
in Webmaster Tools will show you hacked pages that we detected on your site. We also providedetailed information to help you fix your hacked site.
Make sure to read through this documentation so you can quickly and effectively fix your site.
Protect your site from potential attacks: It's better to prevent sites from being hacked than to clean up hacked content. Hackers will
often take advantage of security vulnerabilities on commonly used website management software.
Here are some tips to keep your site safe from hackers:
Always keep the software that runs your website up-to-date.
If your website management software tools offer security announcements, sign up to get the
latest updates.
If the software for your website is managed by your hosting provider, try to choose a
provider that you can trust to maintain the security of your site.
We hope this post makes it easier for you to identify, fix, and prevent hacked spam on your site.
If you have any questions, drop by theGoogle Webmaster Help Forum.
If you find suspicious sites in Google search results, please report them usingthe Spam Report tool.
Posted byMegumi Hitomi,
Japanese Search Quality Team
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],[],[[["\u003cp\u003eHackers frequently target websites to exploit users or damage site reputation, often by adding spam pages for malicious redirects.\u003c/p\u003e\n"],["\u003cp\u003eWebsite owners should regularly monitor their sites for suspicious URLs, unnatural search queries, and enable email forwarding for security alerts from Google.\u003c/p\u003e\n"],["\u003cp\u003eGoogle provides resources and tools, including the Security Issues section in Webmaster Tools, to assist in identifying and fixing hacked content.\u003c/p\u003e\n"],["\u003cp\u003eProactive measures such as keeping website software updated and choosing a trusted hosting provider are crucial to prevent hacking attempts.\u003c/p\u003e\n"],["\u003cp\u003eGoogle encourages reporting suspicious sites using the Spam Report tool to help maintain a safe online environment for all users.\u003c/p\u003e\n"]]],["Hackers frequently exploit websites, often adding spammy pages to redirect users to harmful sites. To identify hacked content, perform a `site:` search in Google for suspicious URLs, set up Google Alerts for keywords, and check for unusual queries in Webmaster Tools. Enable email forwarding in Webmaster Tools for hacking alerts. To prevent hacking, keep website software updated, sign up for security announcements, and choose a trusted hosting provider. Report suspicious sites via the Spam Report tool.\n"],null,["# 3 tips to find hacking on your site, and ways to prevent and fix it\n\nFriday, February 28, 2014\n\n\nGoogle shows this message in search results for\n[sites that we believe may have been compromised](https://support.google.com/websearch/answer/190597).\nYou might not think your site is a target for hackers, but it's surprisingly common. Hackers\ntarget large numbers of sites all over the web in order to exploit the sites' users or reputation.\n\n\nOne common way hackers take advantage of vulnerable sites is by adding spammy pages. These spammy\npages are then used for various purposes, such as redirecting users to undesired or harmful\ndestinations. For example, we've recently seen an increase in hacked sites redirecting users to\nfake online shopping sites.\n\n\nOnce you recognize that your website may have been hacked, it's important to diagnose and fix the\nproblem as soon as possible. We want webmasters to keep their sites secure in order to protect\nusers from spammy or harmful content.\n\n3 tips to help you find hacked content on your site\n---------------------------------------------------\n\n1.\n **Check your site for suspicious URLs or directories** : \n\n Keep an eye out for any suspicious activity on your site by performing a\n [`site:` search](/search/docs/monitor-debug/search-operators/all-search-site)\n of your site in Google, such as `site:example.com`. Are there any suspicious URLs\n or directories that you do not recognize?\n\n\n You can also set up a\n [Google Alert](https://www.google.com/alerts)\n for your site. For example, if you set a Google Alert for\n `site:example.com (viagra|cialis|casino|payday loans)`, you'll receive an email\n when these keywords are detected on your site.\n2.\n **Look for unnatural queries on the Search Queries page in Webmaster Tools** : \n\n The\n [Search Queries](https://support.google.com/webmasters/answer/35252)\n page shows Google Web Search queries that have returned URLs from your site. Look for\n unexpected queries as it can be an indication of hacked content on your site.\n\n\n Don't be quick to dismiss queries in different languages. This may be the result of spammy\n pages in other languages placed on your website.\n3.\n **Enable email forwarding in Webmaster Tools** \n\n Google will send you a message if we detect that your site may be compromised. Messages appear\n in Webmaster Tools' Message Center but it's a best practice to also\n [forward these messages to your email](https://support.google.com/webmasters/answer/140528).\n Keep in mind that Google won't be able to detect all kinds of hacked content, but we hope our\n notifications will help you catch things you may have missed.\n\nTips to fix and prevent hacking\n-------------------------------\n\n- **Stay informed** : \n The [Security Issues](/search/blog/2013/10/easier-recovery-for-hacked-sites) section in Webmaster Tools will show you hacked pages that we detected on your site. We also provide [detailed information to help you fix your hacked site](/web/fundamentals/security/hacked). Make sure to read through this documentation so you can quickly and effectively fix your site.\n-\n **Protect your site from potential attacks** : \n\n It's better to prevent sites from being hacked than to clean up hacked content. Hackers will\n often take advantage of security vulnerabilities on commonly used website management software.\n Here are some tips to keep your site safe from hackers:\n\n - Always keep the software that runs your website up-to-date.\n - If your website management software tools offer security announcements, sign up to get the latest updates.\n - If the software for your website is managed by your hosting provider, try to choose a provider that you can trust to maintain the security of your site.\n\n\nWe hope this post makes it easier for you to identify, fix, and prevent hacked spam on your site.\nIf you have any questions, drop by the\n[Google Webmaster Help Forum](https://support.google.com/webmasters/threads?hl=en&thread_filter=(category:security_malware_hacked)).\n\n\nIf you find suspicious sites in Google search results, please report them using\n[the Spam Report tool](/search/docs/advanced/guidelines/report-spam).\n\n\nPosted by [Megumi Hitomi](/search/blog/authors/megumi-hitomi),\nJapanese Search Quality Team"]]
